Radiant Capital to Wind Down After $50 Million North Korea‑Linked Hack

Overview

• Radiant’s decentralized autonomous organization announced it will wind down operations after failing to recover from an October 2024 exploit that stole about $50–53 million.
• The protocol will remain in a maintenance state so the frontend and smart contracts stay accessible and users can withdraw assets, close positions, repay loans, and manage exposure.
• Security firm Mandiant linked the breach to the AppleJeus group tied to North Korea, saying attackers seized multiple multisig signer permissions and replaced the lending pool implementation to drain funds.
• Recovery work was hampered by laundering through mixers and multiple address swaps, with CertiK reporting 2,834 ETH sent to Tornado Cash and estimating roughly $10.8 million laundered.
• The shutdown highlights risks from developer supply‑chain and social‑engineering attacks in DeFi, underscores limits of DAO-led recoveries, and follows similar tactics observed in later incidents such as the April 2026 Drift Protocol exploit.